Developing our capability in cyber security Academic Centres of Excellence in Cyber Security Research

Size: px
Start display at page:

Download "Developing our capability in cyber security Academic Centres of Excellence in Cyber Security Research"

Transcription

1 Developing our capability in cyber security Academic Centres of Excellence in Cyber Security Research

2 Contents Ministerial Foreword: Rt. Hon. David Willetts MP... 2 Academic Centres of Excellence in Cyber Security Research... 3 Key areas of expertise and specialism... 4 Imperial College London... 6 Newcastle University... 8 Queen s University Belfast Royal Holloway, University of London University College London University of Birmingham University of Bristol University of Cambridge University of Lancaster University of Oxford University of Southampton Glossary of terms Further information DEVELOPING OUR CAPABILITY IN CYBER SECURITY ACADEMIC CENTRES OF EXCELLENCE IN CYBER SECURITY RESEARCH 1

3 Developing our knowledge and capability to secure UK cyber space The world is becoming increasingly interconnected, with the digital revolution helping to deliver huge advances in freedom, knowledge, health, commerce and wellbeing. As we continue to rely ever more heavily on networked information systems, the security of those systems becomes increasingly important for citizens, businesses and governments. The UK Government is responding to these challenges. In 2011 the UK ratified the Budapest convention on cybercrime and hosted the first international conference on cyberspace in London, stimulating a global debate on how to protect the economic and social dividends of cyberspace from growing threats. Since then, the UK cyber security strategy a five-year Government and industry partnership, backed with 860m of funding has been improving the security and resilience of the UK, and promoting growth in UK cyber sector. As a result of these actions, the UK has established itself in a position of leadership in cyber security. The UK has key strengths and capabilities in cyber security and many countries regard the UK as a preferred and trusted partner for cyber security. I am proud that cyber security is yet another area in which the UK research base excels. To identify and promote these capabilities, the UK Government has recognised eleven universities as Academic Centres of Excellence in Cyber Security Research (ACE-CSRs). Further information on these centres is detailed in this document. These Centres of Excellence form the backbone of the UK s world leading cyber security research. It is crucial for academia to work closely with industry and ensure the UK benefits fully from this knowledge and expertise on cyber security. The UK Government is therefore playing a key role in making sure the relationships between Government, industry and academia enable us to achieve this. I hope our businesses and partners around the world are able to gain real value from the excellent work the ACE-CSRs can provide. This work on cyber security is part of our wider effort to invest in research, support innovation and build the UK s knowledge and skills. These are key elements of the Government s industrial strategy, helping to generate growth and ensure the UK competes in the global economy. I would like to thank GCHQ and the Engineering and Physical Sciences Research Council (EPSRC), part of Research Councils UK, for the key role they are playing in the development of these Centres of Excellence, and the universities and staff themselves for their expertise and dedication to this hugely important discipline. I look forward to seeing how these centres will provide cutting-edge cyber knowledge and expertise, and contribute towards a secure, resilient and vibrant cyber space. Rt. Hon. David Willetts MP Minister for Universities and Science Department for Business, Innovation and Skills 2 DEVELOPING OUR CAPABILITY IN CYBER SECURITY ACADEMIC CENTRES OF EXCELLENCE IN CYBER SECURITY RESEARCH

4 Academic Centres of Excellence in Cyber Security Research Academic Centres of Excellence in Cyber Security Research (ACE CSRs) are part of the UK Government s National Cyber Security Strategy, Protecting and Promoting the UK in a Digital World. The strategy describes how Government is working with academia and industry to make the UK more resilient to cyber attacks. The ACE CSRs are based at UK universities which have been recognised as having an established critical mass and pedigree of good quality cyber security research. The initiative is sponsored by the Department for Business, Innovation and Skills (BIS), GCHQ, the Engineering and Physical Sciences Research Council (EPSRC), part of Research Councils UK, the Office of Cyber Security and Information Assurance (OCSIA) in the Cabinet Office and the Centre for the Protection of National Infrastructure (CPNI). As the UK government s National Technical Authority in Information Assurance GCHQ worked closely with EPSRC to lead the initiative to recognise the ACE-CSRs on behalf of the Government. GCHQ continues to actively manage the relationships and associated activities and collaborates with a range of organisations to ensure that the partnership between the public, private and academic sectors flourishes. By recognising the ACE-CSRs, the UK Government aims to: enhance the quality and scale of academic cyber security research and postgraduate training being undertaken in the UK; make it easier for potential users of research to identify the best cyber security research and postgraduate training that the UK has to offer, and help to develop a shared vision and aims among the UK cyber security research community, inside and outside academia. This document contains details of the eleven ACE CSRs and is intended to be a useful reference guide to help stakeholders and potential customers understand the broad range of work happening in the centres. Please contact the centres directly if you would like to discuss your research needs or find out more about what is on offer. During autumn 2014 there will be a further call for universities to apply to be recognised as ACE- CSRs. 3

5 Key areas of expertise and specialism Page Name of centre Key areas of expertise/specialism 6 7 Imperial College London Engineering secure and resilient software systems, including: Operational systems and information assurance Security analysis and system verification 8 9 Newcastle University Cybercrime as a socio-technical issue Security assurance of infrastructures (e.g. identity, cloud computing) Science of cyber security Queen s University Belfast Cyber physical systems security Real-time network analytics and virtualisation High performance/resource constrained cryptography architectures Royal Holloway, University of London Theoretical & practical applications of cryptography Social, technical & organisational aspects of cyber security Information assurance & security for RFID tags, smart cards, mobile & embedded devices University College London Secure software Human and economic aspects of security Privacy and anonymity Cryptology University of Birmingham Design of secure systems Security of embedded systems Cloud computing security Privacy technologies for individuals Network security and malware Analysis and verification of systems University of Bristol Theory, design, implementation & analysis of protocols & systems that use (or relate to) cryptography 4

6 Page Name of centre Key areas of expertise/specialism University of Cambridge Systems security Network and operating system security Security and human factors including psychology and usability Security and privacy of mobile systems and social networks Smart card and banking security Cybercrime, frauds and phishing Anonymity and censorship University of Lancaster Resilience, with a key focus on resilience of networks, cyber-physical systems and studies of user behaviour in order to improve cyber security of large-scale socio-technical systems Development of cyber security solutions that benefit the society at large, particularly vulnerable user groups University of Oxford Analysis and verification of software and security protocols Systems security; trustworthiness and usability Inter-disciplinary cyber security, policy and governance University of Southampton Analysis & design of trustworthy software, bio & cyber metrics, cyber identity, cyber risk analysis Cybercrime, data privacy, international cyber law, provenance and trust Safety & security by design, secure embedded systems, secure web technologies 5

7 Imperial College London Engineering Secure Software Systems Who we are The Imperial College London ACE-CSR focuses on the engineering and design of secure and resilient software systems, addressing security issues both early in the design cycle through formal analysis and verification, and during its operation through maintenance and system adaptation. The ACE-CSR comprises 17 members of staff across three College departments covering a broad research portfolio that focuses on methods, tools and techniques for Engineering Secure Software Systems. Over the last five years, members of the Centre have supervised over 53 doctoral students, published over 158 reviewed papers on topics within the Centre s interests and have held grants totalling over 25m of funding from a wide range of sources, including EPSRC, the European Union, industry and defence. Several further associate members bring in additional expertise in specific areas. The Centre is led from within the Institute for Security Science and Technology (ISST), which coordinates and applies interdisciplinary and crossdepartmental research and innovation to national security and resilience. What we do Broadly, the activities are grouped in two research themes that concern: Security Analysis and System Verification The security and reliability of a software system depends upon the correctness and robustness of its component parts and of the system behaviour as a whole. Work at the Imperial College ACE- CSR has focused on formal techniques for characterising and verifying the system behaviour at design time, but also within the context of web and cloud environments that rely on the sharing of programs. Imperial s research covers: Static and Probabilistic analysis; Secure Web Programming; Symbolic Execution Tools that can characterise inputs that exploit software vulnerabilities, and Protocol Analysis and Formal Verification. Operational Systems and Information Assurance The security and resilience of systems depend on their design and implementation, but also on their ability to enforce the security policy, to adapt to changes, and react to attacks. In addition to detecting intrusions and anomalous behaviour, systems must be able to operate in their presence whilst taking into account risk trade-offs of damage versus functionality. Imperial s research covers: 6

8 Access Control and Authorisation Management; Secure System Adaptation; Security in Cyber Physical Systems; Intelligent Network Protection; and Data Centric Security. Work in this area also includes techniques for hardware-based acceleration of policy enforcement, cryptographic algorithms, and hardware security mechanisms. Both themes are applied in a variety of contexts, from embedded sensing systems such as sensors for healthcare, through infrastructure monitoring, unmanned autonomous systems, operating systems, middleware and large scale distributed systems architectures, to web-based and cloud computing environments. Our work Imperial has built faithful formal models for key components of the web ecosystem (JavaScript, PhP, HTTP protocol, etc.) and developed tools and techniques to verify the information flow, privacy and authorisation properties of web applications. Imperial s work on JavaScript subsets has shown some to be safe (e.g. Google Caja) and uncovered vulnerabilities in others (e.g. Facebook). The ACE-CSR s work on statistical monitoring and anomaly detection is applied to both computer networks and social networks where new techniques have been developed to predict hidden links and nodes, and identify community structures. In network infrastructures we have developed novel characterisations of distributed denial of service (DDoS) attacks, models for the spread of malware, techniques for reacting to compromise to ensure network resilience and techniques for attack-resilient cognitive packet networks. Imperial has developed information-centric security models that track the data flow through systems end-to-end and prevent data disclosures. Based on this work it has designed a secure middleware platform that is used by the NHS to protect medical records in a distributed event-processing environment. Imperial s work on policy-based adaptive security management and authorisation has led to open source software Ponder2 (ponder2.net), which has been used to build solutions for, amongst others, the management and security of sensor networks for e-health, autonomous vehicles, mobile adhoc networks, pervasive workflows and fixed network infrastructures. Their software has been used by others in industry and academia. They have pioneered techniques for policy analysis, policy refinement from high-level requirements, and automated learning of policies from decisions made by legacy systems or human administrators. Imperial contributes in other cyber security funded programmes. It leads the Research Institutes in Automated Program Analysis and Verification and in Trustworthy Industrial Control Systems. It leads a collaborative project on Games and Abstraction in the Research Institute on the Science of Cyber Security. It also investigates aspects of Privacy Dynamics as part of the Global Uncertainties programme on Consortia for Exploratory Research in Security (CEReS) and of Intelligent Protection of Cloud Environments at Run-Time as part of the Business-Academic Collaborations in Cybersecurity to Harness Underpinning Science (BACCHUS). Contact Dr Emil C Lupu, Associate Director Institute for Security Science and Technology, Imperial College London South Kensington Campus London SW7 2AZ +44 (0) securesoftwaresystems Key areas of expertise and specialism Imperial s work focuses on engineering secure and resilient software systems, including: Operational Systems and Information Assurance Security Analysis and System Verification 7

9 Photograph: John Donoghue Newcastle University Centre for Cybercrime and Computer Security Who we are The Newcastle ACE-CSR is based at the Newcastle Centre for Cybercrime and Computer Security (CCCS). The CCCS grew out of an unusual case in 2008 when Northumbria Police took report of stolen virtual sword from the World of Warcraft game. A student studying at a local college asked the police to intervene in its sale on ebay. This intriguing case ultimately led to the development of CCCS at Newcastle University. The CCCS enables police, academics, businesses and public sector organisations to pool their resources to address the challenges of cybercrime, thereby providing the core capability of the ACE-CSR. The ACE-CSR is led by its Director, Dr. Thomas Groß, and Associate Director, Professor Aad van Moorsel. The core research team is based in the Schools of Computing Science, and of Electrical and Electronic Engineering. The Centre also benefits from a broad spectrum of 25 associates in formal methods, dependability, cloud, systems, social sciences, psychology, law, business and international relations, reinforced by lively collaboration with Newcatle University s Centre for Software Reliability and the CultureLab. It maintains active connections with specialists in local businesses and industry. What we do The Centre pursues a vision of Protecting Society s Fabric. Its spectrum ranges from establishing the security of critical infrastructures (e.g. identity, cloud or e-voting) to researching the science of cyber security, including the quantitative side of human factors and usable/ experience-centred security. To date, 12 PhDs in cyber security have been awarded and 15 more are in progress; supervision is available for various programmes for industrial PhD candidates. The Centre s aim is to deliver effective support to all who need cyber security: to provide security solutions, educate people, assist (and create) businesses and to enlighten government. We s Centre for Cybercrime and Computer Security 8

10 offer services to government bodies, police and businesses, organise public events and training (e.g. with the North East Fraud Forum) and supply expert witnesses with a unique combination of police experience and technical expertise. The Centre also hosts the EPSRC Cybercrime Network. The Centre is founded on wide-ranging technical expertise encompassing: cryptography, privacy, systems engineering, security analysis, trustworthy systems, information and operational assurance, the security of strategic technologies (such as cloud, identity or web), risk management, resilience, the science of cyber security and human factors. Uniquely, the Centre also offers hands-on expertise on criminal investigations. Our Work Self-Enforcing E-Voting: Develops a new generation of e-voting systems that do not rely on any trusted authorities. (European Research Council (ERC) funded) FutureID: Establishes an e-id card based electronic identity infrastructure that offers secure identity protocols and brokering. (EU-funded) Cloud Security Assurance: Realises tools to analyse virtualized infrastructures for security properties, adopted by IBM PowerSC Trusted Surveyor. (IBM-collaboration) Cyber Security Research Institute ChAISe: Establishes choice architectures and nudges to improve decision-making. (EPSRC-funded) Research in the Wild of Hyper-Privacy Technologies: Supports survivors of domestic violence. (EPSRC-funded) UNCOVER: Investigates complex system evolution through structured behaviours, e.g. for crime investigation support systems. (EPSRC-funded) NIFTy: Develops novel image forensic tools to combat sexual abuse images of children. (EU-funded) Trust Economics: Established a science of security methodology for trust, leading to new consulting practices at Hewlett-Packard and two spin-off companies. (TSB/HEFCE-JISC-funded) J-PAKE: Developed efficient secure channels over insecure networks without a PKI, adopted by Mozilla, OpenSSL and OpenSSH. (EPSRC-funded) CAPTCHAs: Developed automated Turing tests to protect web resources, which impacted the system design of Google, Microsoft and Yahoo! Contact Director: Dr Thomas Groß Associate Director and PI: Professor Aad van Moorsel Newcastle University UK Academic Centre of Excellence in Cyber Security Research, School of Computing Science, Claremont Tower Newcastle upon Tyne NE1 7RU United Kingdom +44 (0) Photograph: Simon Veit-Wilson Key areas of expertise and specialism Newcastle pursues the theme Protecting Society s Fabric, in particular considering: Cybercrime as a socio-technical issue Security assurance of infrastructures (e.g. identity, cloud computing) Science of cyber security 9

11 Queen s University Belfast The Centre for Secure Information Technologies Who we are The Centre for Secure Information Technologies (CSIT) is a Global Innovation Hub for Cyber Security Research. Established in 2009 with initial funding in the region of 30M, CSIT is the EPSRC/TSB Innovation and Knowledge Centre in Cyber Security. CSIT employs over 80 people and has worldleading research expertise in areas such as network security, biometrics, video analytics, cryptography, situational awareness, SCADA security, malware detection and embedded security. Specifically, CSIT has core capabilities in: Cyber physical systems security Real-time network analytics and virtualisation High performance/resource constrained cryptography architectures Dr Godfrey Gaston is CSIT Director with overall responsibility for the Centre. What we do Uniquely for a university, industry experienced engineers and business development people work alongside CSIT academics, researchers and PhD students to facilitate an environment that is industry focused and measured on impact and commercial exploitation. Operating an Open Innovation model to drive collaboration with member organisations, CSIT carry out contract research, license intellectual property, spin-out companies and have a membership program where industry can invest in the vision of CSIT and join in developing the research strategy that has the overarching theme of securing our digital tomorrow. CSIT is engaged in a number of cyber security collaborative research projects with world leading organisations including BAE Systems, Cisco, IBM, Intel, Infosys, McAfee, Thales, numerous SMEs, spin-out ventures (Titan IC Systems, Microsense, Activ Wireless) and leading institutes in USA, South Korea, India and Europe. CSIT are 10

12 active members of ETSI, ADS and Information Security Ireland. Our Work CSIT has delivered and is involved in numerous projects, including: The PRECYSE (Prevention, protection and REaction to CYber attacks to critical infrastructures) FP7 project is defining, developing and validating a methodology, an architecture and a set of technologies and tools to improve by design the security, reliability and resilience of the ICT systems supporting critical infrastructures. The ARIES (Accelerated Real-Time Information Extraction System) EPSRC project is investigating a new generation of data and memory centric parallel processing architectures and data mining algorithms optimised for mining very large, diverse and highly distributed data assets. The NIMBUS (Network in Internet and Mobile Malicious Software) EPSRC project will act as a catalyst to develop a balanced programme of both blue skies research and near term applied research that will assist in the fight against cybercrime in the UK. The LIOPA (Lip Verification & Online Person Authentication) SBRI project is a novel mobile biometric authentication and speaker verification application, service and application programming interface (API). Liopa won the Software and Digital media category at the 2013 NISP Connect 25K Awards for the most innovative publicly funded research and intellectual property. The HANDHOLD (HANDHeld OLfactory Detector) FP7 project is developing a modular, reconfigurable sensor system for active standoff deployment for the detection of chemical, biological, radiological, nuclear and explosive (CBRNE) substances. CSIT became the first team from Northern Ireland to both co-ordinate and win an FP7 security proposal. CSIT has also delivered industry contract research and development covering malware reverse engineering, Zero Day attacks, network processing hardware design, Video Coding QoS, Processor Architecture and secure antenna design. Contact Dr. Godfrey Gaston, Director Centre for Secure Information Technologies, ECIT Institute, Queen s University Belfast, Northern Ireland Science Park, Queen s Road, Queen s Island, Belfast BT3 9DT +44 (0) Key areas of expertise and specialism CSIT has core capabilities in: Cyber physical systems security Real-time network analytics and virtualisation High performance/resource constrained cryptography architectures 11

13 Royal Holloway University of London Who we are Most of the research in information and cyber security at Royal Holloway is undertaken by members of the Information Security Group (ISG), which is one of the world s largest research groups working in cyber security. The ISG is also one of the oldest groups of its type, having worked on cryptography since the mid-1980s. Royal Holloway was the first institution in the world to offer a degree in information security, accepting its first students in There are now over 2500 alumni of the course from over 100 countries, many working in senior information security roles in Government and industry. The ISG currently has around 40 PhD students and is one of two new doctoral training centres for cyber security, funded by EPSRC and the UK Government. The ISG is a department within the School of Mathematics and Information Security. It employs sixteen full-time and two part-time members of staff, all of whom are actively involved in information and cyber security research and teaching. Some members of the group focus on academic research, while others also undertake industrial research and consultancy. Of the sixteen full-time academics, seven are full professors. The ISG is privileged to have several distinguished visiting professors who are among the most prominent academics and industry figures in information security research. The Group also employs 10 post-doctoral research assistants, working on a wide range of funded projects. What we do The activities of the ISG are supplemented by the research undertaken by members of the Mathematics Department. There is also increasing collaboration between the ISG and the Department of Computer Science, in particular the Theory of Computing and Computer Learning groups. The ISG was founded by a group of mathematicians and computer scientists with interests in cryptography, and research in this area remains an important part of the ISG s activities. It has expertise in cryptanalysis, combinatorial cryptography, quantum information theory and cryptography, provable security and 12

14 message authentication codes. The scope of the ISG s research has expanded dramatically in the last 15 years and now includes access control, authentication and identity management, economics of security and trust, social and organisational aspects of cyber security, malware and botnet detection, the security of systems and technologies (ranging from RFID tags through to global telecommunications networks and critical infrastructure protection), and vulnerability analysis. Royal Holloway has received substantial funding in the last 12 months to support its research in cyber security, including large awards for research on access control in workflow systems, cryptography in theory and practice, adaptive security and economics, and security in the internet of energy. Our work The ISG provides advisory and research services on cyber security and associated topics, drawing on the expertise of its research staff and, as appropriate, a network of trusted professional associate consultants and external researchers. ISG members have advised over 100 companies and organisations worldwide, including multinational corporations, Government departments, trade and standards associations and SMEs. As one of the world s largest academic research groups in information security, the Group s expertise is wide-ranging, including cryptography, key management and related areas, systems engineering and security analysis, information and operational assurance methodologies, the security of technologies and products, and building trusted and trustworthy systems. Royal Holloway s Smart Card Centre also offers specialised advice on smart cards, mobile devices, near-field communications and associated technologies. The Centre s experts have advised in all these areas, and have also guided external organisations with their own information security research and development programmes. Contact Jason Crampton/Keith Mayes Information Security Group Royal Holloway, University of London Egham Hill, Egham TW20 0EX +44 (0) Key areas of expertise and specialism Royal Holloway specialises in: Theoretical & practical applications of cryptography Social, technical & organisational aspects of cyber security Information assurance & security for RFID tags, smart cards, mobile & embedded devices 13

15 Photograph: UCL s JDI Secure Data Laboratory University College London Who we are The University College London ACE-CSR spans five research groups within the Computer Science Department and also includes the departments of Chemistry and Security and Crime Science, which hosts the SECReT doctoral training centre. Currently the Centre has 17 academics, with Jens Groth as Director. UCL hosts the Science of Cyber Security Research Institute, which is the UK s first academic research institute to focus on understanding the overall security of organisations, including their constituent technology, people and processes. The institute is a virtual collaboration with Imperial College, Queen Mary University of London, Royal Holloway, Newcastle University and Northumbria University, funded by a 3.8m grant from EPSRC, GCHQ and BIS. What we do The ACE-CSR conducts a broad range of research in cyber security. The Information Security Group has expertise in human, organisational and economic aspects of security, privacy, identity and trust, and cryptology. The Centre for Research, Evolution, Search and Testing (CREST) develops tools for testing software and eliminating bugs. The Programming Principles, Logic and Verification Group does research on automatic verification of programs. The research of the Networked Systems Group includes secure network protocols, DoS defences, secure routing, exploit resistance and wireless security. The Centre for Computational Complexity works on secure access to e-science infrastructures accessing patient data. Cyber security research is one of UCL s strategic research priorities and UCL has recently launched the JDI Research Laboratory, a 1m secure data analysis centre run jointly by the Computer Science Department and the Security and Crime Science Department. The facility is undergoing certification to allow sensitive and confidential datasets to be brought into the university so that they may be worked upon by researchers in a secure, controlled environment. UCL is educating future cyber security professionals through its MSc and PhD programmes. The MSc in Information Security is a one-year programme where students take taught modules ranging from cryptography, 14

16 computer security and secure programming languages, to information security management and human aspects of security. At the end of the programme the students write a master thesis based on guided research in information security. Our work In the Wedge project our staff, in collaboration with PhD students, designed and built new operating system primitives, new development tools and new least-privilege application architectures which prevent sensitive data from falling into the hands of an attacker, even if the attacker successfully exploits a vulnerability in a network-attached server s (or client s) software. The tools reduced the number of lines of trusted code in the Apache/OpenSSL web server by 94%, while requiring changes to only 1700 of Apache/OpenSSL s 250K+ total lines of code. The Trust Economics project brought together a multi-disciplinary (technical security, human factors, economics) academia-industry team to model organisational security to support security decision-making. The UCL team led by Angela Sasse contributed by quantifying and modelling impact of security mechanisms on the individual and ultimately organisational productivity level and the risk mitigation achieved. The project team produced the first organisational model of the cost and benefits of a specific security measure, the first model of security compliance decisions made by individuals, and showed how unworkable security policies lead to inefficient business processes and ineffective security. The CREST centre has developed tools and techniques for generation of test cases and optimisation of regression testing activities using Search Based Software Engineering (SBSE). Test generation can be used to find flaws in software that may be exploited by attacker and the work on regression testing can be used to check that changes to software do not introduce new potential vulnerabilities. The work on SBSE for test data generation is now part of a tool called AUSTIN that is available as an open source tool for C. Contact Director of the Centre: Dr Jens Groth, Reader in Cryptology Academic Centre of Excellence in Cyber Security Research University College London Department of Computer Science Gower Street, London WC1E 6BT +44 (0) Key areas of expertise and specialism Secure Software Human and Economic Aspects of Security Privacy and Anonymity Cryptology 15

17 University of Birmingham The School of Computer Science Who we are The computer security team at the University of Birmingham was founded in 2005 by Professor Mark Ryan and has steadily grown with expertise in cyber security research. The team is comprised of ten academics and currently five postdoctoral fellows, nine PhD students and one research assistant. The key academics involved are; Professor Mark Ryan (trusted computing, electronic voting, balancing privacy and security, access control and cloud computing), Dr Rami Bahsoon (cloud computing security, software engineering security and information flow), Dr Behzad Bordbar (cloud computing security and software engineering security), Dr Tom Chothia (statistics and information theory, anonymity, distributed systems and RFID), Dr Marco Cova (web security, vulnerability analysis, intrusion detection and electronic voting), Dr Flavio Garcia (cryptographic protocols and primitives, cryptanalysis and reverse engineering, embedded devices security, RFID and privacy), Dr Mirco Musolesi (software engineering, security and human factors in security), Dr Shishir Nagaraja (network security and privacy, anonymity, privacy, graph theory, network resilience and malware analysis), Dr Eike Ritter (modelling and analysing protocols, operating systems and security of pervasive systems) and Dr Hayo Thielecke (software security, program logics and programming language constructs). What we do The effective ethos of the computer security team at Birmingham is working with Government and industry to tackle cyber security problems which are important to society. Critical issues which underpin the research within the team include the analysis and verification of systems, privacy and security, malware, intrusion detection, web security, botnets and secure software engineering. Our work Research currently underway in the computer security team includes Trustworthy Voting Systems. Led by Professor Ryan, this specific research project is helping to create systems for electronic voting which are secure and usable in large scale elections. The team have developed a new electronic voting system that allows the 16

18 authorities to identify and monitor votes that may have taken place under coercion, whilst simultaneously keeping the privacy of peoples votes. One aspect of cyber security is to identify privacy concerns which affect society at large. As people s lives are lived increasingly online, large quantities of data about them and their actions and thoughts are stored on computers all over the world. The Birmingham group is working on figuring out how to avoid abuse of this information. Another activity at Birmingham is the analysis of currently deployed systems. Dr Tom Chothia s research has uncovered a serious flaw in e-passports that jeopardises the privacy of anyone who carries an e-passport. This revelation has prompted further research into radio-frequency identification tags which allows the said tracking of individuals via the passport. In a similar vein, the team at Birmingham have brought to light a vulnerability of 3G standard mobile phones which leaves users unprotected from potential stalkers and other enemies. The solution for this problem has also been addressed by the team which included Dr Eike Ritter. Collectively they found that public key cryptography needs to be deployed within networks in order to thwart these privacy attacks on mobile phone users. In addition to this research, the team is also working on detecting botnets (networks of private computers infected with foreign agents or malicious software unbeknownst to computer owners) and defending computer users against them. Dr Shishir Nagaraja is working on research which examines the communication structures and patterns of peer-to-peer botnets and is using this as a basis for developing botnet defence. Securing anti-theft devices is a component of the research the team is involved with. Dr Flavio Garcia has revealed several weaknesses in the design of anti-theft devices within the car immobiliser industry. The flaws that have been illustrated by Dr Garcia include serious attacks which can recover the secret key from a car in less than six minutes using ordinary hardware. The Security and Privacy Group at the University of Birmingham are vigorously researching the impact on national resilience around financial services, electronic voting, personal privacy, mobile phones, passports and the effective development of scalable and secure cloud computing and services. These are all important issues that need to be addressed in a world where technology is advancing. The team are committed to finding long-term solutions to these problems that will ultimately benefit the future Government, industry and society. Contact Professor Mark Ryan Professor of Computer Security School of Computer Science University of Birmingham, Edgbaston Birmingham B15 2TT +44 (0) groupings/security_and_privacy/ Key areas of expertise and specialism Design of secure systems Security of embedded systems Cloud computing security Privacy technologies for individuals Network security and malware Analysis and verification of systems 17

19 University of Bristol Bristol Security Centre Who we are ACE-CSR activity at the University of Bristol is organised within the Bristol Security Centre (BSC). A range of University-wide efforts and events are coordinated under this umbrella, including a series of popular open house evening lectures on cyber-security. In addition to the Centre for Quantum Photonics, Centre for IT and Law and GCHQfunded Heilbronn Institute, the most significant and directly relevant research and teaching activities relate to cryptography. Housed within the Department of Computer Science, the Cryptography Group is led by Professor Nigel Smart. Since being established in 2000 by Professor Smart, it has expanded to include six members of permanent academic staff, 10 Post Doctoral Research Assistants and 16 PhD students. The Group maintain close links and a portfolio of ongoing research projects with national and international industrial partners and academic research groups, and is guided by a dedicated Industrial Advisory Board (IAB). It is represented at board-level in the International Association for Cryptologic Research (IACR). What we do The ACE-CSR fosters a diverse, highly interdisciplinary research programme spanning theoretical and practical aspects of cryptography and information security. Specific interests and expertise include: Foundational research and number theory Design and formal security analysis of existing and novel cryptographic primitives, protocols and applications Applied attack techniques on cryptography (such as side-channel and fault attacks) Effective implementation of cryptography in hardware and software Various flavours of consultancy, standardisation and commercialisation are evident throughout related output. 18

20 Our work The following highlight a selected set of both completed and active projects: The Centre/Group as a whole has deep, long standing expertise with public key cryptography. Elliptic Curve Cryptography (ECC) is a particular focus, in part because of the emerging trend toward phased replacement of RSA over the medium- to long- term. Among a large body of output, selected highlights include: Underlying Mathematics (e.g., point counting, difficulty of discrete logarithms) Low-level algorithms and arithmetic (e.g. ate pairing, point and field arithmetic, efficient scalar multiplication) High-level protocols (e.g., pairing-based encryption and key agreement) Efficient implementation (e.g., hardware and/or software realisations) Standardisation (e.g. pairing based cryptography through IEEE P1636.3, DAA through ISO/IEC CD ) Based on aspects of this work, members of the group formed a spin-out company in 2001 that was later acquired by Trend Micro. The analysis of deployed protocols and implementations forms a central activity within the Group. Selected highlights include: Theoretical models and proofs of security for TLS, EMV and SSH Analysis and refinement of the Helios electronic voting system Concrete attacks on implementations of TLS within OpenSSL Supported by an EPSRC Leadership Fellowship, Dr. Elisabeth Oswald has focused on improving formal understanding of vulnerabilities based on information leakage. This has long represented a problem for embedded and mobile computing devices, which are often tasked with storing and processing security-critical information. As a result however, many cross-cutting opportunities have emerged; for example, techniques to exploit information leakage from smart-cards can be applied to better understand emerging threats to web-applications (e.g. via analysis of communication flows). Understanding, detecting and preventing attacks of this type represents ongoing work. In part supported by an ERC Advanced Grant, Professor Nigel Smart leads a large team focused on the related topics of Fully Homomorphic Encryption (FHE) and secure Multi-Party Computation (MPC). Both technologies offer solutions within the context of computation on encrypted data: the idea is to compute operations directly on said data, avoiding performance and security impacts of decrypting, then computing, then re-encrypting. Following numerous theoretical breakthroughs over the last few years, the team is now exploring robust, concrete implementations that can support industrial workloads. Contact Dr. Daniel Page University of Bristol Department of Computer Science Merchant Venturers Building Woodland Road, Bristol BS8 1UB. +44 (0) Key areas of expertise and specialism Bristol specialises in the theory, design, implementation and analysis of protocols and systems that use (or relate to) cryptography. 19

Developing our capability in cyber security Academic Centres of Excellence in Cyber Security Research

Developing our capability in cyber security Academic Centres of Excellence in Cyber Security Research Developing our capability in cyber security Academic Centres of Excellence in Cyber Security Research Updated July 2015 Contents Ministerial Foreword: Ed Vaizey MP, Minister for Culture & the Digital Economy....

More information

Professor John McCanny CBE FRS FREng

Professor John McCanny CBE FRS FREng Foundation for Science and Technology-debate How can UK intellectual property be better protected from cyber theft". Professor John McCanny CBE FRS FREng Research Challenges Everyday we create 2.5 quintillion

More information

CYBERSECURITY RESEARCH AND INNOVATION FOR A MORE SECURE BRITAIN CYBERSECURITY ISSUE 2.0

CYBERSECURITY RESEARCH AND INNOVATION FOR A MORE SECURE BRITAIN CYBERSECURITY ISSUE 2.0 CYBERSECURITY RESEARCH AND INNOVATION FOR A MORE SECURE BRITAIN CYBERSECURITY ISSUE 2.0 CYBERSECURITY Research and innovation for a more secure Britain 82 million of current EPSRC investments in research

More information

Information Security at ETH Zurich Institute of Information Security at ETH Zurich Zurich Information Security and Privacy Center

Information Security at ETH Zurich Institute of Information Security at ETH Zurich Zurich Information Security and Privacy Center Information Security at ETH Zurich Institute of Information Security at ETH Zurich Zurich Information Security and Privacy Center Department of Computer Science Introduction Our society is undergoing a

More information

Cyber Security in the University of Oxford: Collaborating without Conforming?

Cyber Security in the University of Oxford: Collaborating without Conforming? Cyber Security in the University of Oxford: Collaborating without Conforming? Andrew Martin June 2013 Workshop on Addressing R&D Challenges in Cybersecurity: Innovation and Collaboration Strategy Cybersecurity

More information

Scheme to Recognise Academic Centres of Excellence in Cyber Security Research

Scheme to Recognise Academic Centres of Excellence in Cyber Security Research Scheme to Recognise Academic Centres of Excellence in Cyber Security Research Call type: Invitation for Applications Closing date: 16 December 2011, 16:00 Briefing meeting date 1 : 15 November 2011 Summary

More information

UCL MSc in Information Security. Dr Emiliano De Cristofaro MSc Course Director 2015/16 https://emilianodc.com

UCL MSc in Information Security. Dr Emiliano De Cristofaro MSc Course Director 2015/16 https://emilianodc.com UCL MSc in Information Security Dr Emiliano De Cristofaro MSc Course Director 2015/16 https://emilianodc.com About UCL Established in 1826 First institution to welcome students of any race, class or religion,

More information

CESG Certification of Cyber Security Training Courses

CESG Certification of Cyber Security Training Courses CESG Certification of Cyber Security Training Courses Supporting Assessment Criteria for the CESG Certified Training (CCT) Scheme Portions of this work are copyright The Institute of Information Security

More information

UCL MSc in Information Security. Dr Emiliano De Cristofaro MSc Course Director 2015/16 https://emilianodc.com

UCL MSc in Information Security. Dr Emiliano De Cristofaro MSc Course Director 2015/16 https://emilianodc.com UCL MSc in Information Security Dr Emiliano De Cristofaro MSc Course Director 2015/16 https://emilianodc.com About UCL Established in 1826 First institution to welcome students of any race, class or religion,

More information

Certification of Master s Degrees Providing a General Broad Foundation in Cyber Security

Certification of Master s Degrees Providing a General Broad Foundation in Cyber Security OFFICIAL Certified Master s Briefing Meeting 14 April 2014 Certification of Master s Degrees Providing a General Broad Foundation in Cyber Security Chris Ensor Michael Kirton Ellie England Graeme Dykes

More information

Advancing cyber security. Cyber Security Academy

Advancing cyber security. Cyber Security Academy Advancing cyber security. Cyber Security Academy An industry/university partnership to advance cyber security through world class research, teaching excellence, industrial expertise and training capacity.

More information

The UK Cyber Security Strategy. Report on progress December 2012. Forward Plans

The UK Cyber Security Strategy. Report on progress December 2012. Forward Plans The UK Cyber Security Strategy Report on progress December 2012 Forward Plans We are at the end of the first year of meeting the objectives outlined in the National Cyber Security Strategy. A great deal

More information

1. Fault Attacks for Virtual Machines in Embedded Platforms. Supervisor: Dr Konstantinos Markantonakis, K.Markantonakis@rhul.ac.uk

1. Fault Attacks for Virtual Machines in Embedded Platforms. Supervisor: Dr Konstantinos Markantonakis, K.Markantonakis@rhul.ac.uk Proposed PhD Research Areas I am looking for strong PhD candidates to work on the projects listed below. The ideal candidate would have a mix of theoretical and practical skills, achieved a distinction

More information

TUSKEGEE CYBER SECURITY PATH FORWARD

TUSKEGEE CYBER SECURITY PATH FORWARD TUSKEGEE CYBER SECURITY PATH FORWARD Preface Tuskegee University is very aware of the ever-escalating cybersecurity threat, which consumes continually more of our societies resources to counter these threats,

More information

UK s new Research Institute investigates the science of cybersecurity

UK s new Research Institute investigates the science of cybersecurity UK s new Research Institute investigates the science of cybersecurity Government Communications Headquarters (GCHQ) How do we know when we are secure enough? How do we decide how best to spend our precious

More information

CASE STUDIES ON CYBER SECURITY

CASE STUDIES ON CYBER SECURITY CASE STUDIES ON CYBER SECURITY ERRIN - CYBER SECURITY BROKERAGE EVENT 30 TH SEPT 2015 DAVID CROZIER TECHNICAL MARKETING MANAGER @DAVID_CROZIER Vision GLOBAL INNOVATION HUB FOR CYBER SECURITY Our vision

More information

The Cyber Threat Profiler

The Cyber Threat Profiler Whitepaper The Cyber Threat Profiler Good Intelligence is essential to efficient system protection INTRODUCTION As the world becomes more dependent on cyber connectivity, the volume of cyber attacks are

More information

CYBER SECURITY Audit, Test & Compliance

CYBER SECURITY Audit, Test & Compliance www.thalescyberassurance.com CYBER SECURITY Audit, Test & Compliance 02 The Threat 03 About Thales 03 Our Approach 04 Cyber Consulting 05 Vulnerability Assessment 06 Penetration Testing 07 Holistic Audit

More information

Lecturer in the School of Computer Applications

Lecturer in the School of Computer Applications Lecturer in the School of Computer Applications Job Description The School of Computer Applications is responsible for the disciplines of computing and quantitative methods within the University and has

More information

Research Topics in the National Cyber Security Research Agenda

Research Topics in the National Cyber Security Research Agenda Research Topics in the National Cyber Security Research Agenda Trust and Security for our Digital Life About this document: This document summarizes the research topics as identified in the National Cyber

More information

The UK cyber security strategy: Landscape review. Cross-government

The UK cyber security strategy: Landscape review. Cross-government REPORT BY THE COMPTROLLER AND AUDITOR GENERAL HC 890 SESSION 2012-13 12 FEBRUARY 2013 Cross-government The UK cyber security strategy: Landscape review 4 Key facts The UK cyber security strategy: Landscape

More information

Job description and selection criteria

Job description and selection criteria University of Oxford Department of Computer Science Job description and selection criteria Job title Division Department Location Grade and salary Hours Contract type Reporting to Researcher in Quality-Centric

More information

A SECURITY ARCHITECTURE FOR AGENT-BASED MOBILE SYSTEMS. N. Borselius 1, N. Hur 1, M. Kaprynski 2 and C.J. Mitchell 1

A SECURITY ARCHITECTURE FOR AGENT-BASED MOBILE SYSTEMS. N. Borselius 1, N. Hur 1, M. Kaprynski 2 and C.J. Mitchell 1 A SECURITY ARCHITECTURE FOR AGENT-BASED MOBILE SYSTEMS N. Borselius 1, N. Hur 1, M. Kaprynski 2 and C.J. Mitchell 1 1 Royal Holloway, University of London 2 University of Strathclyde ABSTRACT Future mobile

More information

Information Security Group (ISG) Core Research Areas. The ISG Smart Card Centre. From Smart Cards to NFC Smart Phone Security

Information Security Group (ISG) Core Research Areas. The ISG Smart Card Centre. From Smart Cards to NFC Smart Phone Security Information Security Group (ISG) From Smart Cards to NFC Smart Phone Security Information Security Group Activities Prof. Keith and Mayes Research From the Information Security Group ACE-CSR at Royal Holloway

More information

Careers in Cryptology, codes, code-breaking and encryption (Developed from AGCAS link enquires, January 2011)

Careers in Cryptology, codes, code-breaking and encryption (Developed from AGCAS link enquires, January 2011) Careers in Cryptology, codes, code-breaking and encryption (Developed from AGCAS link enquires, January 2011) A summary of information received from numerous Careers Services regarding codes, code-breaking

More information

Panel on Emerging Cyber Security Technologies. Robert F. Brammer, Ph.D., VP and CTO. Northrop Grumman Information Systems.

Panel on Emerging Cyber Security Technologies. Robert F. Brammer, Ph.D., VP and CTO. Northrop Grumman Information Systems. Panel on Emerging Cyber Security Technologies Robert F. Brammer, Ph.D., VP and CTO Northrop Grumman Information Systems Panel Moderator 27 May 2010 Panel on Emerging Cyber Security Technologies Robert

More information

Concept and Project Objectives

Concept and Project Objectives 3.1 Publishable summary Concept and Project Objectives Proactive and dynamic QoS management, network intrusion detection and early detection of network congestion problems among other applications in the

More information

Impact and Knowledge Exchange Strategy 2013-2016 Delivering Impact from Research Excellence

Impact and Knowledge Exchange Strategy 2013-2016 Delivering Impact from Research Excellence 1. Background Impact and Knowledge Exchange Strategy 2013-2016 Delivering Impact from Research Excellence Impact is the demonstrable contribution that excellent research (basic, user-inspired and applied)

More information

Protecting Malaysia in the Connected world

Protecting Malaysia in the Connected world Protecting Malaysia in the Connected world cyber Security Company of the Year (Cybersecurity Malaysia, 2014) Most innovative information security company in Malaysia (Cybersecurity Malaysia, 2012) BAE

More information

Cybersecurity at the Nexus of a Hyper- Connected World

Cybersecurity at the Nexus of a Hyper- Connected World Cybersecurity at the Nexus of a Hyper- Connected World Azer Bestavros, Wayne Burleson, Frans Kaashoek, Greg Morrisett, and Engin Kirda Draft of April 4, 2012 This document identifies a number of major

More information

National Cyber Security Policy -2013

National Cyber Security Policy -2013 National Cyber Security Policy -2013 Preamble 1. Cyberspace 1 is a complex environment consisting of interactions between people, software and services, supported by worldwide distribution of information

More information

Nettitude Ltd. (FHEQ) level 7] MSc Postgraduate Diploma Postgraduate Certificate. British Computer Society (BCS) Master s Degree in Computing

Nettitude Ltd. (FHEQ) level 7] MSc Postgraduate Diploma Postgraduate Certificate. British Computer Society (BCS) Master s Degree in Computing Faculty of Engineering and Informatics Programme Specification Programme title: MSc Cyber Security Academic Year: 2015/16 Degree Awarding Body: Partner(s), delivery organisation or support provider (if

More information

Where Cyber Security fits at RHUL

Where Cyber Security fits at RHUL Cyber Security Research at Royal Holloway Information Security Group Activities and Research An Overview Prof. Keith Martin Where Cyber Security fits at RHUL Information Security Group (ISG) Established

More information

Faculty of Engineering School of Electronic and Electrical Engineering. University Academic Fellow Smart Energy Systems

Faculty of Engineering School of Electronic and Electrical Engineering. University Academic Fellow Smart Energy Systems Faculty of Engineering School of Electronic and Electrical Engineering University Academic Fellow Smart Energy Systems With a vision and drive to develop a prestigious internationally competitive research

More information

Cyber Defence Capability Assessment Tool (CDCAT ) Improving cyber security preparedness through risk and vulnerability analysis

Cyber Defence Capability Assessment Tool (CDCAT ) Improving cyber security preparedness through risk and vulnerability analysis Cyber Defence Capability Assessment Tool (CDCAT ) Improving cyber security preparedness through risk and vulnerability analysis An analogue approach to a digital world What foundations is CDCAT built on?

More information

Dept. of Financial Information Security

Dept. of Financial Information Security Dept. of Financial Information Security Department of Financial Information Security offers an excellent education and interdisciplinary cutting-edge research programs to train future leaders and innovators

More information

MEng, BSc Applied Computer Science

MEng, BSc Applied Computer Science School of Computing FACULTY OF ENGINEERING MEng, BSc Applied Computer Science Year 1 COMP1212 Computer Processor Effective programming depends on understanding not only how to give a machine instructions

More information

Business Plan 2012/13

Business Plan 2012/13 Business Plan 2012/13 Contents Introduction 3 About the NFA..4 Priorities for 2012/13 4 Resources.6 Reporting Arrangements.6 Objective 1 7 To raise the profile and awareness of fraud among individuals,

More information

CyberSecurity Solutions. Delivering

CyberSecurity Solutions. Delivering CyberSecurity Solutions Delivering Confidence Staying One Step Ahead Cyber attacks pose a real and growing threat to nations, corporations and individuals globally. As a trusted leader in cyber solutions

More information

Keynote. Professor Russ Davis Chairperson IC4MF & Work Shop Coordinator for Coordinator for Technology, Innovation and Exploitation.

Keynote. Professor Russ Davis Chairperson IC4MF & Work Shop Coordinator for Coordinator for Technology, Innovation and Exploitation. Keynote Professor Russ Davis Chairperson IC4MF & Work Shop Coordinator for Coordinator for Technology, Innovation and Exploitation 6 & 7 Nov 2013 So many of us now don t just work online but live part

More information

Cyber Security Strategy

Cyber Security Strategy NEW ZEALAND S Cyber Security Strategy 2015 A secure, resilient and prosperous online New Zealand Ministerial Foreword The internet and technology have become a fundamental element in our lives. We use

More information

EPSRC Cross-SAT Big Data Workshop: Well Sorted Materials

EPSRC Cross-SAT Big Data Workshop: Well Sorted Materials EPSRC Cross-SAT Big Data Workshop: Well Sorted Materials 5th August 2015 Contents Introduction 1 Dendrogram 2 Tree Map 3 Heat Map 4 Raw Group Data 5 For an online, interactive version of the visualisations

More information

We have introduced the title of Associate Professor for our grade 9 academic staff, which is equivalent to Senior Lecturer.

We have introduced the title of Associate Professor for our grade 9 academic staff, which is equivalent to Senior Lecturer. Faculty of Engineering School of Computing Lecturer / Associate Professor in Computer Science We have introduced the title of Associate Professor for our grade 9 academic staff, which is equivalent to

More information

New cyber security research lab at the ISG. Dusko Pavlovic. Royal Holloway dusko.pavlovic@rhul.ac.uk

New cyber security research lab at the ISG. Dusko Pavlovic. Royal Holloway dusko.pavlovic@rhul.ac.uk a s e c o New cyber security research lab at the ISG Dusko Pavlovic Royal Holloway dusko.pavlovic@rhul.ac.uk 1 What is ASECOLab? ASECOLab is the Adaptive Security and Economics Laboratory at the Information

More information

Course Bachelor of Information Technology majoring in Network Security or Data Infrastructure Engineering

Course Bachelor of Information Technology majoring in Network Security or Data Infrastructure Engineering Course Bachelor of Information Technology majoring in Network Security or Data Infrastructure Engineering Course Number HE20524 Location Meadowbank OVERVIEW OF SUBJECT REQUIREMENTS Note: This document

More information

------------------------------------------------------------------------------------------------------------------------

------------------------------------------------------------------------------------------------------------------------ WRITTEN MINISTERIAL STATEMENT CABINET OFFICE 3 RD DECEMBER 2012 Minister for the Cabinet Office and Paymaster General: Progress on the UK Cyber Security Strategy: Protecting and Promoting the UK in a Digital

More information

SECURE AND TRUSTWORTHY CYBERSPACE (SaTC)

SECURE AND TRUSTWORTHY CYBERSPACE (SaTC) SECURE AND TRUSTWORTHY CYBERSPACE (SaTC) Overview The Secure and Trustworthy Cyberspace (SaTC) investment is aimed at building a cybersecure society and providing a strong competitive edge in the Nation

More information

MEng, BSc Computer Science with Artificial Intelligence

MEng, BSc Computer Science with Artificial Intelligence School of Computing FACULTY OF ENGINEERING MEng, BSc Computer Science with Artificial Intelligence Year 1 COMP1212 Computer Processor Effective programming depends on understanding not only how to give

More information

Commonwealth Approach to Cybergovernance and Cybersecurity. By the Commonwealth Telecommunications Organisation

Commonwealth Approach to Cybergovernance and Cybersecurity. By the Commonwealth Telecommunications Organisation Commonwealth Approach to Cybergovernance and Cybersecurity By the Commonwealth Telecommunications Organisation Trends in Cyberspace Cyberspace provides access to ICT Bridging the digital divide and influencing

More information

MSc Cyber Security UKPASS P052286. Course 1 Year Full-Time, 2-3 Years Part-Time

MSc Cyber Security UKPASS P052286. Course 1 Year Full-Time, 2-3 Years Part-Time MSc Cyber Security International Students Can Apply UKPASS P052286 Code: Course 1 Year Full-Time, 2-3 Years Part-Time Length: Start Dates: September 2015, January 2016, September 2016, January 2017 Department:Department

More information

POSTGRADUATE OPEN DAY

POSTGRADUATE OPEN DAY POSTGRADUATE OPEN DAY Monday 1 December 2014 Dr Ivor Spence SCHOOL OF ELECTRONICS, ELECTRICAL ENGINEERING AND COMPUTER SCIENCE Postgraduate Courses Overview MSc Courses MSc Software Development (Conversion)

More information

2 Gabi Siboni, 1 Senior Research Fellow and Director,

2 Gabi Siboni, 1 Senior Research Fellow and Director, Cyber Security Build-up of India s National Force 2 Gabi Siboni, 1 Senior Research Fellow and Director, Military and Strategic Affairs and Cyber Security Programs, Institute for National Security Studies,

More information

Research Topics in Security and Privacy using Data Science

Research Topics in Security and Privacy using Data Science Research Topics in Security and Privacy using Data Science School of Informatics University of Edinburgh David Aspinall David.Aspinall@ed.ac.uk http://secpriv.inf.ed.ac.uk/ http://cybersec.ed.ac.uk/ Outline

More information

Russell Group response to the Government Review of the Balance of Competences between the UK and EU: Research and Development

Russell Group response to the Government Review of the Balance of Competences between the UK and EU: Research and Development Russell Group response to the Government Review of the Balance of Competences between the UK and EU: Research and Development 1. Summary EU funding streams are key to the continued growth of research excellence

More information

Close the security gap with a unified approach. Detect, block and remediate risks faster with end-to-end visibility of the security cycle

Close the security gap with a unified approach. Detect, block and remediate risks faster with end-to-end visibility of the security cycle Close the security gap with a unified approach Detect, block and remediate risks faster with end-to-end visibility of the security cycle Events are not correlated. Tools are not integrated. Teams are not

More information

Department of Information Systems and Cyber Security

Department of Information Systems and Cyber Security The University of Texas at San Antonio 1 Department of Information Systems and Cyber Security All graduate programs in Information Systems and Cyber Security are accredited by AACSB International The Association

More information

CYBER SECURITY, A GROWING CIO PRIORITY

CYBER SECURITY, A GROWING CIO PRIORITY www.wipro.com CYBER SECURITY, A GROWING CIO PRIORITY Bivin John Verghese, Practitioner - Managed Security Services, Wipro Ltd. Contents 03 ------------------------------------- Abstract 03 -------------------------------------

More information

Workprogramme 2014-15

Workprogramme 2014-15 Workprogramme 2014-15 e-infrastructures DCH-RP final conference 22 September 2014 Wim Jansen einfrastructure DG CONNECT European Commission DEVELOPMENT AND DEPLOYMENT OF E-INFRASTRUCTURES AND SERVICES

More information

CYBER SECURITY TRAINING SAFE AND SECURE

CYBER SECURITY TRAINING SAFE AND SECURE CYBER SECURITY TRAINING KEEPING YOU SAFE AND SECURE Experts in Cyber Security training. Hardly a day goes by without a cyber attack being reported. With this ever-increasing threat there is a growing need

More information

TRUST Background. National Science Foundation Office of Integrative Activities (OIA) Core Funding (FY2005-2015)

TRUST Background. National Science Foundation Office of Integrative Activities (OIA) Core Funding (FY2005-2015) TRUST TRUST: : Team for Research in Ubiquitous Secure Technology A Collaborative Approach to Advancing Cyber Security Research and Development Larry Rohrbough Executive Director, TRUST University of California,

More information

ROYAL HOLLOWAY University of London PROGRAMME SPECIFICATION

ROYAL HOLLOWAY University of London PROGRAMME SPECIFICATION ROYAL HOLLOWAY University of London PROGRAMME SPECIFICATION This document describes the Master of Science, Master of Science with a Year in Industry, Postgraduate Diploma, and Postgraduate Certificate

More information

NEW ZEALAND S CYBER SECURITY STRATEGY

NEW ZEALAND S CYBER SECURITY STRATEGY Appendix 1 NEW ZEALAND S CYBER SECURITY STRATEGY June 2011 New Zealand Government 7 June 2011 ISBN: 978-0-478-38200-6 www.med.govt.nz/cyberstrategy MED11 Foreword from the Minister The Internet and digital

More information

Defending the Internet of Things

Defending the Internet of Things Defending the Internet of Things Identity at the Core of Security +1-888-690-2424 entrust.com Table of contents Introduction Page 3 Challenge: protecting & managing identity Page 4 Founders of identity

More information

Briefing note: GCHQ Internships

Briefing note: GCHQ Internships Briefing note: GCHQ Internships GCHQ 1 is developing new capabilities in partnership with Industry and Academic Researchers to pursue their cyber security. GCHQ is partnering with the Smith Institute 2

More information

Australian Government Cyber Security Review

Australian Government Cyber Security Review Australian Government Cyber Security Review The Cisco Response Today, governments are almost universally pursuing a development and modernisation agenda to nurture their society into the digital age, and

More information

Legislative Council Panel on Information Technology and Broadcasting. Information Security

Legislative Council Panel on Information Technology and Broadcasting. Information Security For Information on 8 July 2013 LC Paper No. CB(4)834/12-13(05) Legislative Council Panel on Information Technology and Broadcasting Information Security Purpose This paper updates Members on the latest

More information

Entrepreneurship. Entrepreneurship. Innovative. Innovative. Enabling successful enterprise through practical training and development

Entrepreneurship. Entrepreneurship. Innovative. Innovative. Enabling successful enterprise through practical training and development Innovative Enabling successful enterprise through practical training and development Innovative Enabling successful enterprise through practical training and development Enabling Successful Enterprise

More information

Privacy and Security in Healthcare

Privacy and Security in Healthcare 5 th 5 th th National HIPAA Summit National Strategy to Secure Cyberspace Privacy and Security in Healthcare October 31, 2002 Andy Purdy Senior Advisor, IT Security and Privacy The President s Critical

More information

Seminar: Security Metrics in Cloud Computing (20-00-0577-se)

Seminar: Security Metrics in Cloud Computing (20-00-0577-se) Technische Universität Darmstadt Dependable, Embedded Systems and Software Group (DEEDS) Hochschulstr. 10 64289 Darmstadt Seminar: Security Metrics in Cloud Computing (20-00-0577-se) Topics Descriptions

More information

Microsoft s cybersecurity commitment

Microsoft s cybersecurity commitment Microsoft s cybersecurity commitment Published January 2015 At Microsoft, we take the security and privacy of our customers data seriously. This focus has been core to our culture for more than a decade

More information

2. Cyber security research in the Netherlands

2. Cyber security research in the Netherlands 2. Cyber security research in the Netherlands Jan Piet Barthel MSc Netherlands Organization for Scientific Research A strong motivation to enforce CS research: Absence or lack of cyber security is listed

More information

Diploma in Business and Information Management Diploma in Computer Forensics Diploma in Web Technologies

Diploma in Business and Information Management Diploma in Computer Forensics Diploma in Web Technologies Diploma in Business and Information Management Diploma in Computer Forensics Diploma in Web Technologies PROGRAMME STRUCTURE Aims & Objectives Business and Information Management This course aims to provide

More information

future data and infrastructure

future data and infrastructure White Paper Smart Grid Security: Preparing for the Standards-Based Future without Neglecting the Needs of Today Are you prepared for future data and infrastructure security challenges? Steve Chasko Principal

More information

Diploma in Business and Information Management Diploma in Computer Forensics Diploma in Information Technology Diploma in Web Technologies

Diploma in Business and Information Management Diploma in Computer Forensics Diploma in Information Technology Diploma in Web Technologies Diploma in Business and Information Management Diploma in Computer Forensics Diploma in Information Technology Diploma in Web Technologies PROGRAMME STRUCTURE Aims & Objectives Business and Information

More information

Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi

Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Purpose This paper is intended to describe the benefits of smart card implementation and it combination with Public

More information

Infocomm Security Masterplan 2

Infocomm Security Masterplan 2 INFOCOMM DEVELOPMENT AUTHORITY OF SINGAPORE 8 Temasek Boulevard #14-00 Suntec Tower 3 Singapore 038988 Tel : 65-62110888 Fax : 65-62112222 www.ida.gov.sg April 2009 Infocomm Security Masterplan 2 The Infocomm

More information

What do Birmingham postgraduates do?

What do Birmingham postgraduates do? 1 What do Birmingham postgraduates do? College of and Physical Sciences What do Birmingham postgraduates do? School of Computer Science First destinations of postgraduates Analysis of first employment

More information

Services. Cybersecurity. Capgemini & Sogeti. Guiding enterprises and government through digital transformation while keeping them secure

Services. Cybersecurity. Capgemini & Sogeti. Guiding enterprises and government through digital transformation while keeping them secure Home Secure digital transformation SMACT Advise, Protect & Monitor Why Capgemini & Sogeti? In safe hands Capgemini & Sogeti Cybersecurity Services Guiding enterprises and government through digital transformation

More information

MASTERS IN BUSINESS ADMINISTRATION MBA PLUS

MASTERS IN BUSINESS ADMINISTRATION MBA PLUS MASTERS IN BUSINESS ADMINISTRATION MBA PLUS INTRODUCING THE NORTHAMPTON BUSINESS SCHOOL MBA PLUS The Northampton Business School MBA Plus is an internationally recognised postgraduate qualification in

More information

WE ARE FUTURE LEADERS

WE ARE FUTURE LEADERS WE ARE FUTURE LEADERS WE ARE THE DEPARTMENT OF BIOENGINEERING Why should you study biomedical engineering? Of all the engineering disciplines, none has the power to transform lives quite so dramatically

More information

European Security Standards Reference Implementation Initiative (ESSRII)

European Security Standards Reference Implementation Initiative (ESSRII) European Security Standards Reference Implementation Initiative (ESSRII) A Proposal for Action in Europe on International Information Security Standards Brian Gladman, European Technical Director, Trusted

More information

Biometric Authentication Platform for a Safe, Secure, and Convenient Society

Biometric Authentication Platform for a Safe, Secure, and Convenient Society 472 Hitachi Review Vol. 64 (2015), No. 8 Featured Articles Platform for a Safe, Secure, and Convenient Society Public s Infrastructure Yosuke Kaga Yusuke Matsuda Kenta Takahashi, Ph.D. Akio Nagasaka, Ph.D.

More information

Programme Specification and Curriculum Map for MSc Computer and Network Security

Programme Specification and Curriculum Map for MSc Computer and Network Security Programme Specification and Curriculum Map for MSc Computer and Network Security 1. Programme title MSc Computer and Network Security 2. Awarding institution Middlesex University 3. Teaching institution

More information

WORK PROGRAMME 2014 2015 Topic ICT 9: Tools and Methods for Software Development

WORK PROGRAMME 2014 2015 Topic ICT 9: Tools and Methods for Software Development WORK PROGRAMME 2014 2015 Topic ICT 9: Tools and Methods for Software Development Dr. Odysseas I. PYROVOLAKIS European Commission DG CONNECT Software & Services, Cloud odysseas.pyrovolakis@ec.europa.eu

More information

Programme Specification

Programme Specification Programme Specification Awarding Body/Institution Teaching Institution Queen Mary, University of London Queen Mary, University of London Name of Final Award and Programme Title Master of Science (MSc)

More information

Postgraduate Computing at Goldsmiths

Postgraduate Computing at Goldsmiths Postgraduate Computing at Goldsmiths We aim to develop your creative as well as your technical skills. That s what makes computing at Goldsmiths so distinctive Key features Our range of Masters extend

More information

CONNECTING WITH CONFIDENCE: OPTIMISING AUSTRALIA S DIGITAL FUTURE. AIIA Response

CONNECTING WITH CONFIDENCE: OPTIMISING AUSTRALIA S DIGITAL FUTURE. AIIA Response CONNECTING WITH CONFIDENCE: OPTIMISING AUSTRALIA S DIGITAL FUTURE AIIA Response 14 November 2011 INTRODUCTION The Australian Information Industry Association (AIIA) is the peak national body representing

More information

Certifications and Standards in Academia. Dr. Jane LeClair, Chief Operating Officer National Cybersecurity Institute

Certifications and Standards in Academia. Dr. Jane LeClair, Chief Operating Officer National Cybersecurity Institute Certifications and Standards in Academia Dr. Jane LeClair, Chief Operating Officer National Cybersecurity Institute Accreditation What is it? Why is it important? How is it attained? The National Centers

More information

Enabling the secure use of RFID

Enabling the secure use of RFID Enabling the secure use of RFID BLACK ME/FOTOLIA.com Enhancing security of radio frequency identification to connect safely to the Internet of Things UHF radio frequency identification (RFID) promises

More information

NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA

NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA JOÃO MANUEL ASSIS BARBAS Coronel de Artilharia. Assessor de Estudos do IDN INTRODUCTION Globalization and information and communication technologies

More information

Unit 3 Cyber security

Unit 3 Cyber security 2016 Suite Cambridge TECHNICALS LEVEL 3 IT Unit 3 Cyber security Y/507/5001 Guided learning hours: 60 Version 1 September 2015 ocr.org.uk/it LEVEL 3 UNIT 3: Cyber security Y/507/5001 Guided learning hours:

More information

SENATE STANDING COMMITTEE ON LEGAL AND CONSTITUTIONAL AFFAIRS AUSTRALIAN FEDERAL POLICE. Question No. 100

SENATE STANDING COMMITTEE ON LEGAL AND CONSTITUTIONAL AFFAIRS AUSTRALIAN FEDERAL POLICE. Question No. 100 SENATE STANDING COMMITTEE ON LEGAL AND CONSTITUTIONAL AFFAIRS AUSTRALIAN FEDERAL POLICE Question No. 100 Senator McKenzie asked the following question at the hearing on 24 May 2012: a) How do you define

More information

Developing a new generation of business leaders

Developing a new generation of business leaders Executive Route Developing a new generation of business leaders WORKING TOGETHER TO DRIVE SUSTAINABLE BUSINESS TRANSFORMATION The One Planet MBA 1 Working in partnership with WWF International and a range

More information

Security Challenges for the Future Internet. Evangelos Markatos Distr. Computing Systems Laboratory FORTH ICS

Security Challenges for the Future Internet. Evangelos Markatos Distr. Computing Systems Laboratory FORTH ICS Security Challenges for the Future Internet Evangelos arkatos Distr. Computing Systems Laboratory FORT ICS 11 Roadap of the talk Security Challenges: What is the problem? ackers are getting more sophisticated

More information

Curriculum and Module Handbook. Master s Degree Programme. in Finance (Master of Science in Finance) 1 September 2015

Curriculum and Module Handbook. Master s Degree Programme. in Finance (Master of Science in Finance) 1 September 2015 Curriculum and Module Handbook Master s Degree Programme in Finance (Master of Science in Finance) 2015 1 September 2015 1 The curriculum was developed by the following University of Liechtenstein faculty

More information

ATTPS Publication: Trustworthy ICT Taxonomy

ATTPS Publication: Trustworthy ICT Taxonomy Publication: worthy ICT Taxonomy Roger Berkley worthy ICT Taxonomy Research Cybersecurity technology is a considerably large subdomain of ICT. Technology experts like Gartner have identified at least 94

More information

School of Psychology. Forensic Psychology Practice Doctorate (ForenPsyD) Three years full-time

School of Psychology. Forensic Psychology Practice Doctorate (ForenPsyD) Three years full-time Forensic Psychology Practice Doctorate (ForenPsyD) Three years full-time Doctorate Programme for Psychology Trainees (ForenPsyD) employed in a forensic setting Four years part-time The core philosophy

More information

Bachelor of Information Technology (Network Security)

Bachelor of Information Technology (Network Security) Bachelor of Information Technology (Network Security) Course Structure Year 1: Level 100 Foundation knowledge subjects SEMESTER 1 SEMESTER 2 ITICT101A Fundamentals of Computer Organisation ITICT104A Internetworking

More information

MBA Programme. College of Business. Challenge your thinking, transform your future. Dublin Institute of Technology. www.dit/mba

MBA Programme. College of Business. Challenge your thinking, transform your future. Dublin Institute of Technology. www.dit/mba DT348 LEVEL 9 College of Business MBA Programme College of Business Dublin Institute of Technology MBA PROGRAMME PART-TIME Challenge your thinking, transform your future www.dit/mba DT348 LEVEL 9 MBA Programme

More information

MASTER OF SCIENCE IN INFORMATION ASSURANCE PROGRAM DEPARTMENT OF COMPUTER SCIENCE HAMPTON UNIVERSITY

MASTER OF SCIENCE IN INFORMATION ASSURANCE PROGRAM DEPARTMENT OF COMPUTER SCIENCE HAMPTON UNIVERSITY MASTER OF SCIENCE IN INFORMATION ASSURANCE PROGRAM DEPARTMENT OF COMPUTER SCIENCE HAMPTON UNIVERSITY HTTP://SCIENCE.HAMPTONU.EDU/COMPSCI/ The Master of Science in Information Assurance focuses on providing

More information